CVSS: 8.1EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3864 – Mozilla: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
https://notcve.org/view.php?id=CVE-2024-3864
16 Apr 2024 — Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. Error de seguridad de la memoria presente en Firefox 124, Firefox ESR 115.9 y Thunderbird 115.9. Este error mostró evidencia de corrupción de memoria y suponemos que con suficiente esfuerzo esto podr... • https://bugzilla.mozilla.org/show_bug.cgi?id=1888333 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 3.7EPSS: 0%CPEs: 35EXPL: 0CVE-2024-3302 – Mozilla: Denial of Service using HTTP/2 CONTINUATION frames
https://notcve.org/view.php?id=CVE-2024-3302
16 Apr 2024 — There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. No había límite para la cantidad de frames de CONTINUATION HTTP/2 que se procesarían. Un servidor podría abusar de esto para crear una condición de falta de memoria en el navegador. • https://bugzilla.mozilla.org/show_bug.cgi?id=1881183 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3861 – Mozilla: Potential use-after-free due to AlignedBuffer self-move
https://notcve.org/view.php?id=CVE-2024-3861
16 Apr 2024 — If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. Si se asignara un AlignedBuffer a sí mismo, el movimiento automático posterior podría dar como resultado un recuento de referencias incorrecto y, posteriormente, un use-after-free. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Secu... • https://bugzilla.mozilla.org/show_bug.cgi?id=1883158 • CWE-416: Use After Free •
CVSS: 6.4EPSS: 0%CPEs: 35EXPL: 0CVE-2024-3859 – Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
https://notcve.org/view.php?id=CVE-2024-3859
16 Apr 2024 — On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. En las versiones de 32 bits había desbordamientos de enteros que conducían a una lectura fuera de los límites que potencialmente podría ser provocada por una fuente OpenType con formato incorrecto. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The... • https://bugzilla.mozilla.org/show_bug.cgi?id=1874489 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3857 – Mozilla: Incorrect JITting of arguments led to use-after-free during garbage collection
https://notcve.org/view.php?id=CVE-2024-3857
16 Apr 2024 — The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. El JIT creó código incorrecto para los argumentos en ciertos casos. Esto provocó posibles fallos de use-after-free durante la recolección de basura. • https://bugzilla.mozilla.org/show_bug.cgi?id=1886683 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3854 – Mozilla: Out-of-bounds-read after mis-optimized switch statement
https://notcve.org/view.php?id=CVE-2024-3854
16 Apr 2024 — In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. En algunos patrones de código, el JIT optimizó incorrectamente las declaraciones de cambio y generó código con lecturas fuera de los límites. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Security Advisory describes this flaw as: In some code patterns the J... • https://bugzilla.mozilla.org/show_bug.cgi?id=1884552 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 36EXPL: 0CVE-2024-3852 – Mozilla: GetBoundName in the JIT returned the wrong object
https://notcve.org/view.php?id=CVE-2024-3852
16 Apr 2024 — GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. GetBoundName podría devolver la versión incorrecta de un objeto cuando se aplicaron optimizaciones JIT. Esta vulnerabilidad afecta a Firefox < 125 y Firefox ESR < 115.10. The Mozilla Foundation Security Advisory describes this flaw as: GetBoundName could return the wrong version of an object when JIT optimizations were a... • https://bugzilla.mozilla.org/show_bug.cgi?id=1883542 • CWE-386: Symbolic Name not Mapping to Correct Object CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.6EPSS: 0%CPEs: 30EXPL: 0CVE-2024-32487 – less: OS command injection
https://notcve.org/view.php?id=CVE-2024-32487
13 Apr 2024 — less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. less hasta 653 permite la ejecución de comandos del sistema operativo mediante un carácter de nueva línea en el nombre de un archivo, po... • http://www.openwall.com/lists/oss-security/2024/04/15/1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2023-29483 – dnspython: denial of service in stub resolver
https://notcve.org/view.php?id=CVE-2023-29483
11 Apr 2024 — eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. eventlet ant... • https://github.com/eventlet/eventlet/issues/913 • CWE-292: DEPRECATED: Trusting Self-reported DNS Name CWE-696: Incorrect Behavior Order •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2024-31083 – Xorg-x11-server: use-after-free in procrenderaddglyphs
https://notcve.org/view.php?id=CVE-2024-31083
05 Apr 2024 — A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the syst... • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-416: Use After Free •